Claims that millions of US online bank accounts were easy targets for cyber criminals have been dismissed by the company hosting the servers.

According to a report in the Observer newspaper, Isle of Man-based security expert Ralph Dressel claimed to have stumbled across a flaw that allowed him to access millions of bank accounts. Many other news services reported the story unchallenged.

However, an investigation by vnunet.com revealed that the information accessed by Dressel was nothing more than fictitious data used for staff training and demonstrations.

In a statement issued late today, Leslie Muma, president and chief executive of Fiserv, the company that hosted the US bank's servers, said the Observer's story was "incorrect and misleading".

"A British internet banking customer quoted in the stories accessed only demonstration accounts at sites maintained for clients of a Fiserv servicing unit. The demonstration accounts contain only fictitious data used for training and sales purposes."

"We maintain the strictest security on all of our systems whether for internet banking or core account processing. At no time were any of our systems in danger of being compromised," said Muma.

Dressel said he was free to carry out a wide range of financial transactions including transferring funds and changing PINs. Fiserv manages web services for a number of banks including Abbey National in the UK.